Cloud storage and cloud services provide a stronger computing power and distributed computing capability for IoT users with a minimal cost. However, the security issues of cloud always limit the development of cloud computing and storage. In the meanwhile, the channel instability and exposure of the public network make the security of data in transmission challenged (HTTPS protocol cannot guarantee the security of data after receiving by servers). Even if homomorphic encryption can protect IoTs’ sensitive data, attackers still can infer sensitive behaviors about users by listening to the frequency of cloud services usage. To solve the above problems, in this paper, we propose a novel data transmission structure named HBRSS for high-security data transmission and data processing in insecure cloud environments and channels. HBRSS harnesses proposed data splitting principle to divide the data into blocks, packages the block data and forms a block ring based on the concept of blockchain to ensure the non-tamperability and non-destructibility of data. In addition, we propose an improved partial homomorphic encryption algorithm, which adds fuzzy processing for the data service functions to improve function-privacy. We also build a virtual mistrusted cloud service scene by using Docker and Kubernetes to evaluate our method’s performance, which can also be utilized as a standard attack drill platform for all researchers to test their own security algorithms. Based on our best knowledge, this platform is the first open-source automatic cloud attack exploitation system that contains attacks against browsers, channels, and servers. The experimental results indicate that our new encryption algorithm brings larger key-space and lower power consumption compared with some encryption algorithms.

云存储和云服务以最小的成本为物联网用户提供了更强大的计算能力和分布式计算能力。但是，云的安全问题始终限制着云计算和存储的发展。同时，信道的不稳定和公共网络的暴露使传输中的数据安全性受到挑战（HTTPS协议不能保证服务器接收到数据后的安全性）。即使同态加密可以保护IoT的敏感数据，攻击者仍然可以通过侦听云服务的使用频率来推断用户的敏感行为。为了解决上述问题，本文提出了一种新颖的数据传输结构HBRSS，用于在不安全的云环境和通道中进行高安全性的数据传输和数据处理。HBRSS利用提出的数据拆分原理将数据分为块，将块数据打包并形成基于区块链概念的块环，以确保数据的不可篡改和不可破坏性。此外，我们提出了一种改进的部分同态加密算法，该算法为数据服务功能添加了模糊处理以提高功能保密性。我们还使用Docker和Kubernetes评估了我们方法的性能，从而构建了一个虚拟的不信任云服务场景，它也可以用作所有研究人员测试其自身安全算法的标准攻击演练平台。根据我们的专业知识，该平台是第一个开源的自动云攻击利用系统，其中包含针对浏览器，渠道和服务器的攻击。